package com.qf.work20250104;

import java.sql.*;
import java.util.Scanner;

/**
 * @author zdl
 * @date 2025/1/4
 */
public class Demo2 {
    public static void main(String[] args) throws SQLException, ClassNotFoundException {
        Scanner sc = new Scanner(System.in);
        System.out.println("请输入账号:");
        String u = sc.nextLine();
        System.out.println("请输入密码:");
        String p = sc.nextLine();
        User user = login(u, p);
        System.out.println(user);

       /* User user1 = new User();
        user1.setUsername("user");
        user1.setPassword("123");
        User user = login2(user1);
        System.out.println(user);*/
    }

    public static User login(String u, String p) throws ClassNotFoundException, SQLException {
        //防注入
        Class.forName("com.mysql.jdbc.Driver");
        Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/mydb1_2?useSSL=false", "root", "123456");
        String sql = "select * from tb_user where username = ? and password = ?";
        System.out.println("处理前:" + sql);
        PreparedStatement ps = conn.prepareStatement(sql);
        System.out.println("处理后:" + ps);
        ps.setString(1, u);
        ps.setString(2, p);
        //System.out.println(ps);
        ResultSet rs = ps.executeQuery();
        User user = null;
        if (rs.next()) {
            System.out.println("登录成功!");
            int id = rs.getInt("id");
            String name = rs.getString("username");
            String pwd = rs.getString("password");
            String phone = rs.getString("phone");
            Date create_time = rs.getDate("create_time");
            double money = rs.getDouble("money");
            int sex = rs.getInt("sex");
            user = new User(id, name, pwd, phone, create_time, money, sex);
            return user;
        } else {
            System.out.println("登录失败！账号或密码错误");
            return user;
        }
    }

    public static User login2(User user) throws ClassNotFoundException, SQLException {
        Class.forName("com.mysql.jdbc.Driver");
        Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/mydb1_2?useSSL=false", "root", "123456");
        String sql = "select * from tb_user where username = ? and password = ?";
        PreparedStatement ps = conn.prepareStatement(sql);
        ps.setString(1, user.getUsername());
        ps.setString(2, user.getPassword());
        ResultSet rs = ps.executeQuery();
        if (rs.next()) {
            System.out.println("登录成功!");
            int id = rs.getInt("id");
            String name = rs.getString("username");
            String pwd = rs.getString("password");
            String phone = rs.getString("phone");
            Date create_time = rs.getDate("create_time");
            double money = rs.getDouble("money");
            int sex = rs.getInt("sex");
            user = new User(id, name, pwd, phone, create_time, money, sex);
            return user;
        } else {
            System.out.println("登录失败！账号或密码错误");
            return null;
        }
    }
}
